From: Eckhof, Cassandra (DPH) 

Sent: Wednesday, January 30, 2008 3:15 PM 

To: ValdesLupi, Monica (DPH); Levin, Donna (DPH); Lyons, Tom (DPH); Botticelli, Michael (DPH); Clark, Mary (DPH); Condon, Suzanne (DPH); Cranston, Kevin (DPH); Crowther, Suzanne (DPH); Daniel, James (DPH); 

Delaney, Daniel (DPH); DeMaria, Alfred (DPH); Dreyer, Paul (DPH); Dyke, Edmund (DPH); Fogerty, Sally (DPH); Gilchrist, Mary (DPH); Jerome, Lana (EHS); Landers, Stewart (DPH); McCauley, Philip (DPH); Okeefe, 
Jerry (DPH); Ridley, Nancy (DPH); Smith, Lauren (DPH); Weisberg, Carol (DPH); Wilkinson, Geoff (DPH); Ballin, James (DPH); Conboy, Nancy (DPH); Cabral, Randal (DPH); Bimbashi, Erti (DPH); Beagan, Brianne 
(DPH); Wall, Hilary (DPH); Troppy, Scott (DPH); Murphy, James (DPH); Knorr, Robert (DPH); Wilber, Nancy (DPH); Curley, Mary Beth (DPH); Mascioli, Lynette (DPH); Foster, Kevin (DPH); Mehiman, Alison (DPH); 
Caloggero, Dina (DPH); 'DiNatale, Margaret (DPH)'; Noonan, Kathryn (DPH); Bilodeau, Peter (DPH); Bain, Ian (DPH); Paskowsky, Mark (DPH); Dvorak, Jane (DPH); Ratchell, Eduardo (DPH); Anderson, Teresa 
(DPH); Bilansky, Arnold (DPH); Caceres, Isabel (DPH); Collins, Rachel (DPH); Hanchett, Andrew (DPH); Hawk, Elena (DPH); Hobbs, Sylvia (DPH); Hood, Malena (DPH); Hume, Beth (DPH); John, Betsey (DPH); 
MacMillan, Annie (DPH); Mitra, Monika (DPH); Ohannessian, Dana (DPH); Rowe, Dan (DPH); Tran, Loc (DPH) 

Cc: Miller, Tracy (DPH); Mroszczyk, Alice (DPH); Anderson, William (DPH) 

Subject: How to Destroy Confidential Information 


Last fall, the legislature passed An Act Relative to Security Freezes and Notification of Data Breaches (Chapter 82 of the Acts of 2007), which included provisions on security breaches, the right to a credit 
report freeze, and the disposition and destruction of records. The first two provisions became effective October 31, 2007 and the disposition and destruction of records will become effective February 3, 
2008. This memo focuses on the destruction of records provision. 

The Disposition & Destruction of Records, M.G.L. Chapter 93I, specifies how records containing Massachusetts residents' identification numbers such as social security numbers, driver’s license numbers, 
financial account numbers, and credit or debit card numbers should be destroyed. The implementation of this law represents a good opportunity to remind everyone of the steps that must be taken when 
disposing of records containing confidential information. 

Chapter 93I refers to “personal information” and MDPH Confidentiality Policy and Procedures refer to “confidential information.” While these definitions are slightly different (see definitions below), they 
both encompass information that must be destroyed prior to disposition to protect against anyone accessing the information. The standards for destruction are identical. If you are not sure whether 
something is confidential for destruction purposes, take the more conservative route and consider it confidential (the procedures below refer generically to “confidential information”). If you follow these 
procedures, you will be complying with both Chapter 93I and MDPH Confidentiality Policy and Procedures. 

First, determine if you are authorized and have permission to destroy the information under the Statewide Records Retention Schedule. A description of this process is beyond the scope of this memo, but 
can be found on HealthNet at Records Retention. 

If you have permission to destroy the information, or don’t need permission, destroy the information according to these minimum standards: 

a. If the confidential information is on paper documents, destroy the records in a way that it cannot be read or reconstructed. Shredding is the preferred method. Redaction (blacking out) is also 
an acceptable method. 

b. If the confidential information is on a form of electronic media, it must be destroyed or erased so that it cannot be read or reconstructed. Deleting computer files is not sufficient. Special 
software is required to delete a file from a computer or other portable media, including thumb drives or laptops. Contact the Help Desk for assistance. Floppy disks, CDs, and DVDs must be 
made unusable by physical destruction. The Help Desk has a CD shredder that is available to all MDPH staff. 

If you have any questions related to destruction of personal or confidential information, do not hesitate to contact me at 617.624.5219. To contact the Help Desk, call 617.624.5877. 


Distribution: Commissioner’s Staff 
Bureau Directors 
Privacy Liaisons 
Data Liaisons 


Chapter 93I 

The Disposition & Destruction of Records 

Personal information means a resident's first 
name and last name or first initial and last name 
in combination with any 1 or more of the 
following data elements that relate to the 
resident:-- 

(a) Social Security number; 

(b) driver's license number or Massachusetts 
identification card number; 

(c) financial account number, or credit or debit 
card number, with or without any required 
security code, access code, personal 
identification number or password that would 
permit access to a resident's financial account; 
or 

(d) a biometric indicator. 


MDPH Confidentiality Policies & Procedures 


Confidential Information means, unless otherwise 
defined by law, any individually identifiable 
information, including, but not limited to, medical and 
demographic information, that: 

1. Reveals the identity of the data subject 
or is readily identified with the data 
subject, such as name, address, 
telephone number, social security 
number, health identification number, or 
date of birth; or 

2. Provides a reasonable basis to believe 
that the information could be used, 
either alone or in combination with other 
information, to identify a data subject. 


Cassie Eckhof | Privacy Officer | Privacy & Data Access Office 
Massachusetts Department of Public Health 
250 Washington Street, Boston, MA 02108 
617.624.5219 | 617.624.5234 fax 
cassandra.eckhof@state.ma.us 